adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,642 Commits 27 Branches 1,043 Tags
8f51663545da02fa29c17433bc4ffdee4fd105d5
Commit Graph

4413 Commits

Author SHA1 Message Date
William Vu 521ca14773 Add Lucee Administrator CVE-2021-21307 exploit 2021-08-16 10:09:34 -05:00
Spencer McIntyre 82cc8526d4 Land #15501, Add CVE-2019-11580 (Atlassian Crowd) 2021-08-12 09:38:31 -04:00
Grant Willcox 85ef49a79c Land #15535, Update psexec module to use SMBSHARE option name for consistency 2021-08-11 17:41:38 -05:00
Grant Willcox 5fdf990f24 Land #15519, Lexmark Universal Print Driver Local Privilege Escalation 2021-08-11 15:03:53 -05:00
Grant Willcox 92327461d3 Add in driver installation instructions to documentation 2021-08-11 14:40:21 -05:00
Grant Willcox 7b25bd366f Update documentation and fix a few typos so that it reflects latest changes 2021-08-11 12:25:36 -05:00
Jacob Baines afa3d92774 Switched to upnp implementation 2021-08-10 18:17:18 -04:00
Grant Willcox 3ef2c0cf5a Land #15520, Canon TR150 Print Driver Local Privilege Escalation 2021-08-10 16:09:36 -05:00
adfoster-r7 b9d2f30bbd Update psexec module to use SMBSHARE option name for consistency 2021-08-10 13:17:57 +01:00
Grant Willcox 55404ff29f Further fixes from review and further touch up edits 2021-08-09 14:23:05 -05:00
Grant Willcox f8d838bba2 Fix first round of comments from the review process 2021-08-09 12:13:27 -05:00
Christophe De La Fuente 07c9350733 Land #15430, Support for SSH pivoting 2021-08-09 18:34:08 +02:00
Grant Willcox 838142362c Apply first round of updates from review comments to improve explanations of the vulnerability and fix some minor issues 2021-08-09 09:59:09 -05:00
Jacob Baines 0e41a0e81e Addressed all but one review items 2021-08-07 06:46:49 -04:00
Jacob Baines 8d699c0c4e Addressed various review comments 2021-08-06 14:55:50 -04:00
Grant Willcox ade653f0bf Final fixup edits to change the timeout value to be an advanced option and also to use send_req_cgi 2021-08-05 13:10:24 -05:00
Jacob Baines f851faf2e4 Initial commit for Canon driver exploit 2021-08-05 11:17:45 -04:00
Grant Willcox 00cfdc4f17 Use Faker to generate a fake app name, add in option to specify timeout to server, and also fix Alan's remaining review comments 2021-08-05 09:46:34 -05:00
Jacob Baines e6c48db072 Initial version of CVE-2021-35449 2021-08-04 16:08:43 -04:00
Grant Willcox 0d7d5ab93f Switch over to Rex::MIME::Message to use our built in mixins, and also fix last remaining review comments 2021-08-02 11:17:26 -05:00
Grant Willcox 27f70af1b3 Fix up some of the mistakes wvu pointed out 2021-07-30 15:28:10 -05:00
Grant Willcox 3427571887 Push up working CVE-2019-11580 exploit and associated documentation 2021-07-30 12:07:12 -05:00
Spencer McIntyre dba3db741a Land #15462, [CVE-2021-36934] HiveNightmare 2021-07-29 12:53:48 -04:00
space-r7 809081bc5f Land #15279, add Pi-Hole lpe 2021-07-29 11:15:17 -05:00
space-r7 0561ae978f fix typos, pihole version in docs 2021-07-29 11:13:58 -05:00
Spencer McIntyre 36cc2fd7e5 Rename an option and update docs for HiveNightmare 2021-07-29 12:07:56 -04:00
Yann Castel fb99af1152 Add post module for HiveNightmare 
correct CVE id

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>

Update modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb

Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>

use of vars_get + delete payload after use

initial commit

Update hivenightmare_windows_sam_leak.rb

using railgun to read files + specific index option

Update hivenightmare_windows_sam_leak.rb

post module + add description + add documentation

Delete wp_plugin_modern_events_calendar_rce.rb

Delete wp_plugin_modern_events_calendar_rce.md

add scenario in doc

Update windows_sam_hivenightmare.md

Update windows_sam_hivenightmare.rb

Update modules/post/windows/gather/credentials/windows_sam_hivenightmare.rb

Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>

minor changes

msftidy

Update modules/post/windows/gather/credentials/windows_sam_hivenightmare.rb

Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com>
 2021-07-29 11:54:31 -04:00
Grant Willcox a518fcac98 Add in timeout to 10th and final request to prevent module from throwing errors like it isn't working when it really is 2021-07-28 11:32:47 -05:00
Grant Willcox a53411229f Move files over to start work on converting this into an auxiliary module 2021-07-27 13:00:17 -05:00
Grant Willcox 8954dd5d2d Add in documentation and update module description to match 2021-07-27 13:00:15 -05:00
Shelby Pace 183caff15c Land #15418, add modern events calendar rce 2021-07-26 09:45:05 -05:00
Shelby Pace 38ae82155e modify info, fix spacing 2021-07-26 09:43:34 -05:00
Spencer McIntyre 426898e065 Add a tip and note in the module docs 2021-07-26 09:13:11 -04:00
Shelby Pace 9e95eb7be1 Land #15408, add Wordpress sp doc file upload 2021-07-23 12:36:29 -05:00
Shelby Pace d207f994c0 modify doc description 
randomize form data, formatting
 2021-07-23 12:33:41 -05:00
Hakyac 1a55cfc88c Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:12:10 +02:00
Hakyac 76a7233ee9 Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:12:00 +02:00
Hakyac cf9a5be774 Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:11:49 +02:00
Hakyac 9eb8d521f8 Update documentation/modules/exploit/multi/http/wp_plugin_modern_events_calendar_rce.md 
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com>
 2021-07-23 10:08:19 +02:00
Shelby Pace 7a39f4c4dd Land #15211, add apache tapestry gatherer 2021-07-22 11:58:03 -05:00
Shelby Pace bc1f106bcb change method of retrieving key 
add checks on responses, update docs
 2021-07-21 17:56:41 -05:00
William Vu af0092f290 Land #15400, Sage X3 modules 2021-07-20 20:36:48 -05:00
William Vu b9a71449e5 Add module docs 2021-07-20 20:07:08 -05:00
Shelby Pace 79d49a6857 Land #15402, add Wordpress Backup Guard rce 2021-07-20 15:53:57 -05:00
Shelby Pace f738383b98 rename docs, modify privileged to false 
use vars_get in upload request
 2021-07-20 15:31:38 -05:00
Hakyac 109ca7ec7a Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
 2021-07-20 09:05:27 +02:00
Grant Willcox 5aad658dae Land #15438, Add new supported eternalblue targets to documentation 2021-07-16 13:12:33 -05:00
Grant Willcox a276f336f0 Final touchup work for PR 15438 to reference kernel pool and clear some wording up 2021-07-16 13:12:14 -05:00
A Galway 42a751e0db Add new supported targets 2021-07-16 16:58:34 +01:00
Grant Willcox b27676ca0a Land #15409, Improved PrintNightmare Check and DCERPC Library Bug Fixes 2021-07-16 08:54:42 -05:00